Home Explore Help
Sign In
ouidade
/
lecampus.valdedrome.com
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: adc7d775dc
Branches Tags
lecampus.val...
/
system
/
src
/
Grav
/
Console
/
Cli
/
SecurityCommand.php

SecurityCommand.php 2.9 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102 
  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * @package    Grav\Console\Cli
    5. 

  5.  *
    6. 

  6.  * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
    7. 

  7.  * @license    MIT License; see LICENSE file for details.
    8. 

  8.  */
    9. 

  9. 

  10. namespace Grav\Console\Cli;
    11. 

  11. 

  12. use Grav\Common\Grav;
    13. 

  13. use Grav\Common\Security;
    14. 

  14. use Grav\Console\GravCommand;
    15. 

  15. use Symfony\Component\Console\Helper\ProgressBar;
    16. 

  16. use function count;
    17. 

  17. 

  18. /**
    19. 

  19.  * Class SecurityCommand
    20. 

  20.  * @package Grav\Console\Cli
    21. 

  21.  */
    22. 

  22. class SecurityCommand extends GravCommand
    23. 

  23. {
    24. 

  24.     /** @var ProgressBar $progress */
    25. 

  25.     protected $progress;
    26. 

  26. 

  27.     /**
    28. 

  28.      * @return void
    29. 

  29.      */
    30. 

  30.     protected function configure(): void
    31. 

  31.     {
    32. 

  32.         $this
    33. 

  33.             ->setName('security')
    34. 

  34.             ->setDescription('Capable of running various Security checks')
    35. 

  35.             ->setHelp('The <info>security</info> runs various security checks on your Grav site');
    36. 

  36.     }
    37. 

  37. 

  38.     /**
    39. 

  39.      * @return int
    40. 

  40.      */
    41. 

  41.     protected function serve(): int
    42. 

  42.     {
    43. 

  43.         $this->initializePages();
    44. 

  44. 

  45.         $io = $this->getIO();
    46. 

  46. 

  47.         /** @var Grav $grav */
    48. 

  48.         $grav = Grav::instance();
    49. 

  49.         $this->progress = new ProgressBar($this->output, count($grav['pages']->routes()) - 1);
    50. 

  50.         $this->progress->setFormat('Scanning <cyan>%current%</cyan> pages [<green>%bar%</green>] <white>%percent:3s%%</white> %elapsed:6s%');
    51. 

  51.         $this->progress->setBarWidth(100);
    52. 

  52. 

  53.         $io->title('Grav Security Check');
    54. 

  54.         $io->newline(2);
    55. 

  55. 

  56.         $output = Security::detectXssFromPages($grav['pages'], false, [$this, 'outputProgress']);
    57. 

  57. 

  58.         $error = 0;
    59. 

  59.         if (!empty($output)) {
    60. 

  60.             $counter = 1;
    61. 

  61.             foreach ($output as $route => $results) {
    62. 

  62.                 $results_parts = array_map(static function ($value, $key) {
    63. 

  63.                     return $key.': \''.$value . '\'';
    64. 

  64.                 }, array_values($results), array_keys($results));
    65. 

  65. 

  66.                 $io->writeln($counter++ .' - <cyan>' . $route . '</cyan> → <red>' . implode(', ', $results_parts) . '</red>');
    67. 

  67.             }
    68. 

  68. 

  69.             $error = 1;
    70. 

  70.             $io->error('Security Scan complete: ' . count($output) . ' potential XSS issues found...');
    71. 

  71.         } else {
    72. 

  72.             $io->success('Security Scan complete: No issues found...');
    73. 

  73.         }
    74. 

  74. 

  75.         $io->newline(1);
    76. 

  76. 

  77.         return $error;
    78. 

  78.     }
    79. 

  79. 

  80.     /**
    81. 

  81.      * @param array $args
    82. 

  82.      * @return void
    83. 

  83.      */
    84. 

  84.     public function outputProgress(array $args): void
    85. 

  85.     {
    86. 

  86.         switch ($args['type']) {
    87. 

  87.             case 'count':
    88. 

  88.                 $steps = $args['steps'];
    89. 

  89.                 $freq = (int)($steps > 100 ? round($steps / 100) : $steps);
    90. 

  90.                 $this->progress->setMaxSteps($steps);
    91. 

  91.                 $this->progress->setRedrawFrequency($freq);
    92. 

  92.                 break;
    93. 

  93.             case 'progress':
    94. 

  94.                 if (isset($args['complete']) && $args['complete']) {
    95. 

  95.                     $this->progress->finish();
    96. 

  96.                 } else {
    97. 

  97.                     $this->progress->advance();
    98. 

  98.                 }
    99. 

  99.                 break;
    100. 

  100.         }
    101. 

  101.     }
    102. 

  102. }
    103.